diff -Nur MPlayer-1.0rc2.orig/libmpdemux/demux_audio.c MPlayer-1.0rc2/libmpdemux/demux_audio.c
--- MPlayer-1.0rc2.orig/libmpdemux/demux_audio.c	2008-02-01 09:57:58.058713289 -0600
+++ MPlayer-1.0rc2/libmpdemux/demux_audio.c	2008-02-01 09:57:07.479830963 -0600
@@ -229,6 +229,8 @@
           ptr += 4;
 
           comment = ptr;
+          if (&comment[length] < comments || &comment[length] >= &comments[blk_len])
+            return;
           c = comment[length];
           comment[length] = 0;
 
